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CLAIMS 

1. A remote access system for a secure computer network, 
comprising: 

an agent operative in conjunction with said secure 
5 computer network; 

an intermediary operative in conjunction with a network 
entity distinct from said secure computer network; and 

a manager for defining a directive to be executed by 
said agent, wherein 
10 said manager and said intermediary .are capable of 

establishing secure communications therebetween, 

said intermediary and said agent are capable of 
establishing secure communications therebetween, and 

said manager is operative to convey said directive to 
15 be executed to said intermediary and said agent is operative 
to receive said directive to be executed from said 
intermediary prior to executing said directive. 

2. The system of claim 1, wherein said agent is operative 
20 to execute said directive and to return results of said 

executed directive to said intermediary. 

3. The system of claim 2, wherein said intermediary is 
operative to forward said results of said executed directive 

25 to said manager subsequent to said return of said results to 
said intermediary by said agent. 

.4. The system of claim 1, wherein said agent is operative 
to block pending receipt of said directive to be executed 
30 from manager via said intermediary. 
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5. The system of claim 1, wherein said agent and said 
intermediary are capable of authenticating each other prior 
to establishing said secure communications therebetween. 

5 6. The system of claim 1, wherein said manager and said 
intermediary are capable of authenticating each other prior 
to establishing said secure communications therebetween. 

7. The system of claim 6, wherein said agent is capable of 
10 providing a password to said intermediary for subsequent 

comparison by said intermediary with a password provided by 
said manager. 

8. The system of claim 6, wherein said agent is capable of 
15 providing said intermediary with a identifying data, said 

intermediary capable of providing said identifying data to 
said manager, and said manager capable of authenticating 
said intermediary based upon said identifying data. 

20 9. The system of claim 1, wherein said manager is a web 
browser and said intermediary is a web server. 

10. The system of claim 1, further comprising a first data 
pathway between said agent and said intermediary and a 

25 second data pathway between said intermediary and said 
agent, wherein at least one of said first and second data 
pathways is comprised of the Internet. 

11. A method of remotely servicing a secure computer 
30 system, comprising: 
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conveying a directive to be executed from a manager to 
an intermediary distinct from said secure computer system 
over a first secure communications pathway; 

receiving, by an agent of said secure computer system, 
5 said directive to be executed from said intermediary over a 
second secure communications pathway; and 

executing, by said agent, said directive to executed. 

12. The method of claim 11, further comprising establishing 
10 said first secure communications pathway by said agent 
conveying intermediary-identifying data to said 
intermediary, and said intermediary conveying intermediary- 
identifying data to said manager. 

15 13. The method of claim 11, further comprising establishing 
said first secure communications pathway' by said manager 
conveying manager-identifying data to said intermediary. 

14. The method of claim 11, further comprising establishing 
20 said second secure communications pathway by said agent 

conveying agent-identifying data to said intermediary. 

15. The method of claim 11, further comprising establishing 
said second secure communications pathway by said 

25 intermediary conveying intermediary-identifying data to said 
agent . 

16. The method of claim 11, wherein said establishment of 
said first secure communications pathway between said 

30 manager and said intermediary comprises using a web browser 
as said manager and accessing a web server as said 
intermediary . 
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17. The method of claim 11, further comprising: 
returning, by said agent, results of an executed 

directive to said intermediary; and 

returning, by said intermediary, said executed 
directive results to said manager. 

18. A remote servicing system intermediary for a secure 
computer system, comprising: 

a web server communicable, over a first secure 
communications link, with a manager running on a management 
computer system and, over a second secure communications 
link, with an agent running on said secure computer system, 

said web server capable of spawning a first sub-process 
for receiving, over said first secure communications link, a 
directive to be executed by said secure computer system, and 

said web server capable of spawning a second sub- 
process for transmitting, over said second secure 
communications link, said directive to be executed by said 
secure computer system. 

19. The intermediary of claim 18, further comprising memory 
for storing a password received from said secure computer 
system for use in validating said manager. 

20. The intermediary of claim 18, wherein said intermediary 
is operative to block pending receipt of said directive to 
be executed from said manager. 

21. The intermediary of claim 18, further comprising a 
digital certificate to be conveyed to said agent and to said 
manager for authenticating said intermediary. 
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22. The intermediary of claim 18, further comprising an 
access database for defining which secure computer systems 
communicable with said intermediary said manager may define 

5 directives for. 

23. The intermediary of claim 18, wherein said intermediary 
is operative to receive results of said executed directive 
from said secure computer system over said second secure 

10 communications link and is further operative to convey said 

results to said manager over said first secure 

communications link. 

5 5 
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Ul 24. A method of operating an intermediary for the remote 

j* 15 servicing of a secure computer system, comprising: 

IPL: providing a first digital certificate to an agent 

J}! running on said secure computer system in response to a 

n request from said agent for the purpose of authenticating 

01 1 said intermediary to said agent; 

Lb 

yi 20 storing identifying information received from said 

~ agent; 

providing a second digital certificate to a manager in 
response to a request from said manager for the purpose of 
authenticating said intermediary to said manager; 
25 ~. receiving said identifying information from said 

manager for the purpose of authenticating said manager to 
said intermediary; 

receiving, from said manager, a directive to be 
executed by said agent; and 
30 forwarding said directive to said agent for execution. 

25. The method of claim 24, further comprising: 
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receiving -results of said executed directive from said 
agent; and 

forwarding said results to said manager/ 

5 26. The method of claim 24, further comprising: 

storing a list of secure computer systems communicable 
with said intermediary and for which said manager may define 
directives to be executed. 

10 27. The method of claim 24, further comprising: 

establishing a first secure communications pathway 
between said intermediary and said agent in response to said 
agent authenticating said intermediary based upon said 
provision of said first digital certificate from said 

15 intermediary to said agent. 

28. The method of claim 24, further comprising: 

establishing a second secure communications pathway 
between said intermediary and said manager in response to 
20 said manager authenticating said intermediary based upon 
said provision of said second digital certificate from said 
intermediary to said manager and in response said receipt of 
said identifying information from said manager by said 
intermediary . 

25 
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